|
|
|
|
Article on
LTE NAS Security - 2
by
Samir Amberkar
(published on 6-Jun-2012)
|
|
|
Abstract:
This article is a continuation of earlier article on LTE NAS Security which mainly explained "native" security context. It talks about LTE NAS Security during Inter RAT scenarios.
|
|
|
In earlier article, we looked at security flow for "native" NAS security context. Consider scenarios of inter-system change (inter RAT mobility) wherein UE move from E-UTRAN to GERAN/UTRAN or from GERAN/UTRAN to E-UTRAN. It would be needed to maintain security and at the same time, reduce time needed to "switch". This can be done by re-using earlier established native security context if present (something like E-UTRAN to UTRAN and back to E-UTRAN) or otherwise by mapping one security context to another one (EPS security context ⇔ UMTS security context).
In LTE, NAS security is independent of AS; NAS security activation is done by NAS and messages are integrity protected/ciphered by NAS itself . In UMTS, even though NAS takes care of security context exchange (RAND, AUTN, KSI, Capability etc.), integrity protection/ciphering/security activation is performed by AS [33.102:6.4.5], [25.331:8.1.2]. Our focus would be flow of security context from LTE NAS point of view.
EPS NAS/UMTS/GPRS Security contexts
EPS NAS, UMTS, and GSM/GPRS security contexts are shown below.
EPS NAS
eKSI
KKSME/KSGSN
UL NAS count
DL NAS count
UE security capability
KNASint/Enc algo id
KNASenc/Int algo id
|
|
EFNASNSC
|
UMTS
KSI
CK
IK
selected Ciphering algo
selected Integrity algo
|
|
EFKeys
|
GPRS
EFKc
|
Fig 1.5.1
Diagrams below shows the way to derive UMTS/GPRS contexts based on EPS NAS context and other way round. Ref: [33.401:A], [24.008:4.7.7.10], [33.102:6.8.1.2].
|
|
|
|
|
|
|
|
|
|
|
